If You Connect, You Must Protect

Derek Holmes

Be it for our personal use or for business purposes, most of us are connecting to networks and interacting with some form of sensitive data on a daily basis. We have all kinds of great devices (such as phones, tablets, and PCs) that we’re using to connect to a variety of networks, each with differing levels of protection; at home, public Wi-Fi in the coffee shop or at the airport, in our doctor’s office, and at our place of work.

Some of these networks are well protected. Others may not be protected at all. And any one of these networks could be the target of a hacker, putting us and our sensitive information at risk. Think of the many things we’re doing while connecting in these places, the applications we’re using, and the information we’re accessing. Here are a few examples:

  • Bank accounts
  • Social media
  • Online shopping and retail services
  • Government services
  • Health and medical services
  • Corporate accounts
  • Business applications
  • Intellectual Property

While these devices are doing wonders for making our lives easier, they’re also exposing us to all sorts of new threats. Think of all the things we do day to day on our devices, what kind of information we’re sending and accessing, and where that information is going or coming from. Is that information protected? Is that connection protected?

Imagine you’re at your doctor’s office, checked in and waiting in the lobby. You’re a little early for your appointment, so you grab your cell phone and check for a few social media updates. Maybe you see an advertisement for something and decide to make a quick order, but first you want to check your bank account for an update on your financials. Meanwhile, someone has been eavesdropping on all of your communications.

Were those communications encrypted? Did your applications do anything to protect your data from the eavesdropping? Were any of your accounts compromised? Has your device been compromised or infected with some form of malware?

We place a certain amount of trust in these networks to provide us security, but what can we do to increase our own protection? Regardless of where or why we’re connecting, we need to take adequate measures to ensure we’re protecting ourselves and our information.

Security Software

No matter what type of device you’re using, if it’s connected, you need to protect it. PCs, smartphones, tablets, and even gaming devices, are all network connected, sending and receiving information to and from the Internet.

Your device is likely loaded up with many different software applications for almost any purpose that can be imagined. But does your device have software installed to keep it protected from viruses and malware or for encrypting and protecting your connection to the Internet? Anti-virus, VPN, and firewall software all have something to offer as part of a layered security approach.

There are many security software options out there, including many that are free, that can quickly add a layer of security and protection to your devices. Many of these options are quick to install and easy to set up even for the less tech-savvy among us. For business users, there are many options that are easy to manage, on-premises or in the cloud—we can help you find one that works great for your environment.

Even when using security software, you should also make sure your other apps are up to date with the latest versions (especially those that regularly connect to the Internet) and that they provide some level of security or encryption if they’re used to access sensitive data. Many of these apps will notify you when an update becomes available. Many breaches occur when unpatched applications are exploited. 

Web Browser

Be sure to keep your preferred Web browser patched and up to date as well. Many attackers target known vulnerabilities in older browsers that may be fixed with a patch. Leaving these vulnerabilities in place just increases your attack surface and, unfortunately, makes you a more likely target.

Also practice safe Web surfing, like checking for use of “https” versus “http” when visiting websites (the “s” is for “secure”). This is often indicated in your browser with a padlock (sometimes green in color) next to the Web address. This means that your browser is using a secure connection and your communications are being encrypted. And remember, if it’s not encrypted, others may be able see your data, especially when using free public Wi-Fi.

Operating Systems

It’s also important to make sure you’re keeping your device’s operating system (OS) patched and up to date. These patches often contain security fixes that help protect you from new threats, and many devices have an option to automatically download new patches as they’re released.

Another thing to consider: if your device is no longer capable of running the latest patches or OS versions, you could be putting your information at risk. Most software developers continue to support and patch older versions of their OS for a length of time even after releasing newer versions. Knowing when that support ends is important, as you’ll no longer receive those patches and security fixes, and you should consider whether or not to continue using the device.

Managing Risk

We connect a lot of devices to a lot of networks. And doing so can put us at risk for things like exposing our information and data to unknown parties, as well as malware that can steal our data or otherwise compromise our information. There are a lot of things we can do to protect ourselves; keeping our security software, Web browser, and OS up to date is critical for protecting our devices and protection from known threats and vulnerabilities.

Be conscious of what you’re accessing, where you’re accessing it from, and what device you’re accessing it with. And remember, if you connect, you must protect.

Derek Holmes is a Senior Systems Engineer for TSG Security at Connection. His area of knowledge includes Network and Systems Architecture Design, Network Access Control and Policy Enforcement, VMware virtualization and Virtual Desktop Infrastructure solutions, and product and service delivery. Derek is also a Cisco Certified Network Associate and has CompTIA Security+ and VMware VCP5-DV certification. In his spare time, Derek is a big fan of science fiction and fantasy in all its myriad forms and enjoys spending his free time with his family and pets.